@Override public Principal getCallerPrincipal() { return getWrapped().getCallerPrincipal(); }
@Override public Principal getCallerPrincipal() { return getWrapped().getCallerPrincipal(); }
@Override public Principal getCallerPrincipal() { return getWrapped().getCallerPrincipal(); }
@Override public Principal getCallerPrincipal() { return getWrapped().getCallerPrincipal(); }
private AuthenticationStatus processCallerInitiatedAuthentication(InvocationContext invocationContext, HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws Exception { // Try to authenticate with the next interceptor or actual authentication mechanism AuthenticationStatus authstatus; try { authstatus = (AuthenticationStatus) invocationContext.proceed(); } catch (AuthException e) { authstatus = AuthenticationStatus.SEND_FAILURE; } if (authstatus == AuthenticationStatus.SUCCESS) { if (httpMessageContext.getCallerPrincipal() == null) { return AuthenticationStatus.SUCCESS; } // Actually authenticated now, so we remove the authentication dialog marker removeCallerInitiatedAuthentication(httpMessageContext.getRequest()); // TODO: for some mechanisms, such as OAuth the caller would now likely be at an // application OAuth landing page, and should likely be returned to "some other" location // (e.g. the page from which a login link was clicked in say a top menu bar) // // Do we add support for this, e.g. via a watered down savedRequest (saving only a caller provided URL) // Or do we leave this as an application responsibility? } return authstatus; }
private AuthenticationStatus processCallerInitiatedAuthentication(InvocationContext invocationContext, HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws Exception { // Try to authenticate with the next interceptor or actual authentication mechanism AuthenticationStatus authstatus; try { authstatus = (AuthenticationStatus) invocationContext.proceed(); } catch (AuthException e) { authstatus = AuthenticationStatus.SEND_FAILURE; } if (authstatus == AuthenticationStatus.SUCCESS) { if (httpMessageContext.getCallerPrincipal() == null) { return AuthenticationStatus.SUCCESS; } // Actually authenticated now, so we remove the authentication dialog marker removeCallerInitiatedAuthentication(httpMessageContext.getRequest()); // TODO: for some mechanisms, such as OAuth the caller would now likely be at an // application OAuth landing page, and should likely be returned to "some other" location // (e.g. the page from which a login link was clicked in say a top menu bar) // // Do we add support for this, e.g. via a watered down savedRequest (saving only a caller provided URL) // Or do we leave this as an application responsibility? } return authstatus; }
if (authstatus == AuthenticationStatus.SUCCESS && httpMessageContext.getCallerPrincipal() != null) { toCallerPrincipal(httpMessageContext.getCallerPrincipal()), httpMessageContext.getGroups() );
if (authstatus == AuthenticationStatus.SUCCESS && httpMessageContext.getCallerPrincipal() != null) { toCallerPrincipal(httpMessageContext.getCallerPrincipal()), httpMessageContext.getGroups() );
if (httpMessageContext.getCallerPrincipal() == null) { return AuthenticationStatus.SUCCESS; httpMessageContext.getCallerPrincipal(), httpMessageContext.getGroups()));
if (httpMessageContext.getCallerPrincipal() == null) { return AuthenticationStatus.SUCCESS; httpMessageContext.getCallerPrincipal(), httpMessageContext.getGroups()));